Installation (Fiber v3)
Requirements
Install
go get github.com/gofiber/fiber/v3
go get github.com/izetmolla/goauth
go get github.com/izetmolla/fiberauth
Optional adapters and providers:
go get github.com/izetmolla/goauth/adapters/postgres
go get github.com/izetmolla/goauth/providers/credentials
go get github.com/izetmolla/goauth/providers/otp
Minimal Fiber app
package main
import (
"log"
"github.com/gofiber/fiber/v3"
"github.com/izetmolla/fiberauth"
"github.com/izetmolla/goauth"
"github.com/izetmolla/goauth/providers/credentials"
)
func main() {
auth, err := goauth.New(goauth.Config{
Secret: []string{"your-32-byte-or-longer-secret"},
TrustHost: true,
Providers: []goauth.Provider{
credentials.New(credentials.Options{
Authorize: authorizeUser, // your function
}),
},
})
if err != nil {
log.Fatal(err)
}
app := fiber.New()
// All goauth HTTP actions under /auth
app.All("/auth/*", fiberauth.Handler(auth))
// Protected API
app.Get("/api/me", fiberauth.Protect(auth), func(c fiber.Ctx) error {
s := fiberauth.SessionFrom(c)
return c.JSON(fiber.Map{"user": s.User})
})
log.Fatal(app.Listen(":3000"))
}
Environment variables (production)
| Variable | Example | Used for |
|---|---|---|
AUTH_SECRET | random 32+ bytes | Config.Secret |
APP_URL | https://api.example.com | Config.URL |
ADDR | 0.0.0.0:3000 | Fiber listen address |
SPA + Vite proxy (recommended)
During development, proxy /auth and /api to your Go server so the browser sees same-origin requests (cookies + CSRF work without extra CORS):
// vite.config.ts
export default {
server: {
proxy: {
"/auth": "http://localhost:3000",
"/api": "http://localhost:3000",
},
},
};
The fiberauth example uses this pattern with Tokens.AlwaysReturn for a React SPA.
Next: Mounting & auth API.